Pricing built for builders.
Three plans scoped to where you are. Same enforcement engine on every tier. Talk to us and we will fit it to your stack.
Building a HIPAA-bound healthtech, fintech, or B2B SaaS product? We are onboarding a small design partner cohort with discounted pricing and direct founder access.
Talk to usBuilder
For engineers at early-stage startups.
- Blueprint generation for one framework
- Identity and Access enforcement on one IdP
- Cloud and Infrastructure enforcement on one cloud account
- Endpoint agent for up to 10 devices
- Daily check cadence
- Tailored policies for SOC 2 or ISO 27001
- Email support
Growth
For teams entering an audit cycle.
- Everything in Builder
- Two frameworks (commonly SOC 2 + ISO 27001)
- Multiple cloud accounts and IdPs
- Endpoint agent for up to 50 devices
- Twice-daily check cadence with selected real-time controls
- Change and Development domain enforcement
- Vendor and policy attestation orchestration
- Dedicated Slack channel
- Quarterly Blueprint review with our compliance team
Enterprise
For organizations with control density and complex stacks.
- Everything in Growth
- Real-time enforcement across selected domains
- HIPAA and additional framework overlays
- Multi-region cloud and multi-IdP environments
- Endpoint agent unlimited
- People and Process orchestration at scale
- Custom Blueprint review with our compliance team
- SLA-backed support
- Annual security review
Extend coverage as you grow.
Framework overlay
Add an additional framework to an existing plan. Pay only for the incremental control surface.
Auditor marketplace
ComingMatch with vetted independent auditors. Engagement letters stay between you and the auditor.
Penetration testing
Coordinated through partner firms.
Same engine. Same Blueprint. Same evidence model.
Every plan runs on the same enforcement engine. The difference is domain coverage, check cadence, and integration breadth. The Blueprint and the evidence model are the same on every tier.